I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
This draft defines an extension to the SIP protocol to enable a more
efficient encoding in the case where multiple phone numbers (those
under the control of a SIP-PBX) can roam together. Backwards and
forwards compatibility requirements make this change more complex than
one might expect.
There are no important security considerations for this document other
than the amplification of some DoS attacks, and much of the
information in the Security Considerations section is actually about
requirements for protocol correctness. I would assume the rest
duplicates information from the SIP specification, though I haven't
checked. The bottom line is that I believe the document is just fine
as it is.
I found two minor typos:
1) Page 3 para 2 line 3: "users" -> "user's"
2) The indented text at the end of section 3 was copied from RFC4475,
but in the copying some leading spaces on some of the lines were lost.
Since the purpose of this text is to illustrate how embedded spaces in
actual data will be represented in the body of this RFC, losing those
spaces negates the value of the section.